FOLLOW US ON FACEBOOK!
Thursday, June 30, 2011
Security Breach Of The Week: Groupon's Sosasta
SecurityProNews
Joe Purcell
Staff Writer
2011-06-30
Insider Reports RSS Feed
It's been a busy week for hacking and data loss news: (1) T&T Supermarket lost up to 58,000 records of customers and job applicants, (2) Gannet Government Media Corp lost names, passwords, emails, duty status, pay grade, and branch of service of various military personnel, (3) Arizona Department of Public Safety supposedly lost names, addresses, phone numbers, passwords, SSN numbers, online dating account information, voicemails, chat logs, and pictures of some officers' girlfriends, and the security breach of the week goes to (4) Groupon's Indian subsidiary, Sosasta, which exposed 300,000 email accounts and passwords. Though some of these occurred earlier in the month, the organizations are just now reporting the incidents.
1. T&T Supermarket
The T&T attacks against its customers and suppliers took place on June 6, 7, 11, and 14-17 which redirected customers ordering online or job applicants to a malicious site. According to one article, information like credit card numbers, date of birth, and SSN numbers were not collected and therefore could not have been compromised. The company just reported the incident last Friday and how the attack was accomplished is still being investigated.
2. Gannet Government Media Corp
On June 7th, attackers accessed names, passwords, and emails; duty status, paygrade, and branch of service of military personell. The organization produces defense News and other publications tailored to the US Army, Navy, Air Force and Marine Corps, according to Reuters. This could be part of the recent Operation Anti-Security, which we will mention later. The organization just reported the incident this past Monday, and the source and method of the attack have yet to be determined.
3. Arizona Department of Public Safety
Perhaps this too is part of Operation Anti-Security. The "private emails, social networking accounts, photos and other personal information which was claimed from at least a dozen officers" were posted online, according to an article. The group said it was looking for humiliating information and may have obtained even more information, such as emails, passwords, and SSN numbers.
4. Groupon's Sosasta (Breach of the Week)
Groupon's Indian subsidiary, Sosasta, exposed 300,000 email addresses and passwords last Saturday allegedly by storing a plain text SQL file which was then indexed by Google. According to The Register, the emails were discovered by Daniel Grzelak (@dagrz) by searching for "filetype:sql", "password", and "gmail." He thenposted on Twitter that he had notified Risky Business. However, the company was quick to respond and reported the incident this past Monday.
Lesson Learned: Don't Store SQL Backups in a Public Directory
Hopefully, Sosasta's SQL file wasn't found by anyone but Grzelak, and more so that companies are more careful about where they store their backups. We will see how the hacking targets change with the supposedly joint Operation Anti-Security by the hacker groups LulzSec and Anonymous which is targeting government and related agencies. Their post on Pastebin is a call for any and all to join in. Ode to basic security measures!
In closing, I will recommend a security tool called OSForensics. It is made for Windows and allows you to decrypt hashed passwords, recover deleted files, uncover recent activity, find emails, and even extract logins and passwords stored by various programs. The program can be very useful for determining security holes on your own PC, such as passwords stored by browsers. See this how-toand perhaps discover your digital fingerprints are much larger than expected!
About the Author:
Joe Purcell is a technology virtuoso, cyberspace frontiersman, and connoisseur of Linux, Mac, and Windows alike.
Joe Purcell Staff Writer
2011-06-30
Insider Reports RSS Feed |
It's been a busy week for hacking and data loss news: (1) T&T Supermarket lost up to 58,000 records of customers and job applicants, (2) Gannet Government Media Corp lost names, passwords, emails, duty status, pay grade, and branch of service of various military personnel, (3) Arizona Department of Public Safety supposedly lost names, addresses, phone numbers, passwords, SSN numbers, online dating account information, voicemails, chat logs, and pictures of some officers' girlfriends, and the security breach of the week goes to (4) Groupon's Indian subsidiary, Sosasta, which exposed 300,000 email accounts and passwords. Though some of these occurred earlier in the month, the organizations are just now reporting the incidents.
 |
| Security Breach Of The Week: Groupon's Sosasta |
 |
1. T&T Supermarket
The T&T attacks against its customers and suppliers took place on June 6, 7, 11, and 14-17 which redirected customers ordering online or job applicants to a malicious site. According to one article, information like credit card numbers, date of birth, and SSN numbers were not collected and therefore could not have been compromised. The company just reported the incident last Friday and how the attack was accomplished is still being investigated.
2. Gannet Government Media Corp
On June 7th, attackers accessed names, passwords, and emails; duty status, paygrade, and branch of service of military personell. The organization produces defense News and other publications tailored to the US Army, Navy, Air Force and Marine Corps, according to Reuters. This could be part of the recent Operation Anti-Security, which we will mention later. The organization just reported the incident this past Monday, and the source and method of the attack have yet to be determined.
3. Arizona Department of Public Safety
Perhaps this too is part of Operation Anti-Security. The "private emails, social networking accounts, photos and other personal information which was claimed from at least a dozen officers" were posted online, according to an article. The group said it was looking for humiliating information and may have obtained even more information, such as emails, passwords, and SSN numbers.
4. Groupon's Sosasta (Breach of the Week)
Groupon's Indian subsidiary, Sosasta, exposed 300,000 email addresses and passwords last Saturday allegedly by storing a plain text SQL file which was then indexed by Google. According to The Register, the emails were discovered by Daniel Grzelak (@dagrz) by searching for "filetype:sql", "password", and "gmail." He thenposted on Twitter that he had notified Risky Business. However, the company was quick to respond and reported the incident this past Monday.
Lesson Learned: Don't Store SQL Backups in a Public Directory
Hopefully, Sosasta's SQL file wasn't found by anyone but Grzelak, and more so that companies are more careful about where they store their backups. We will see how the hacking targets change with the supposedly joint Operation Anti-Security by the hacker groups LulzSec and Anonymous which is targeting government and related agencies. Their post on Pastebin is a call for any and all to join in. Ode to basic security measures!
In closing, I will recommend a security tool called OSForensics. It is made for Windows and allows you to decrypt hashed passwords, recover deleted files, uncover recent activity, find emails, and even extract logins and passwords stored by various programs. The program can be very useful for determining security holes on your own PC, such as passwords stored by browsers. See this how-toand perhaps discover your digital fingerprints are much larger than expected!
About the Author:
Joe Purcell is a technology virtuoso, cyberspace frontiersman, and connoisseur of Linux, Mac, and Windows alike.
